<?php
/**
 * @todo 数据校验
 * @copyright gaoxiang 2009
 * @author gaoxiang
 * @createdate 2009.04.1
 * @license 本程序遵照Creative Commons 署名-非商业性使用-相同方式共享 2.5 中国大陆 协议，该协议的中文版本可在http://creativecommons.org/licenses/by-nc-sa/2.5/cn/下查看。
 **/
 // Marks this script as a validation endpoint whose response carries no page
 // header. The flag is not read in this file; presumably the loader included
 // below consumes it (confirm in require/load.php).
 $check_online = 0;

 // Shared bootstrap, located one directory above this file's directory.
 require_once dirname(dirname(__FILE__)) . '/require/load.php';

 // The session must be started before check_user() runs and before the
 // branches below read $_SESSION.
 session_start();

 // NOTE(review): check_user() is defined elsewhere; presumably it rejects
 // unauthenticated callers. Confirm that it terminates the request on failure,
 // because every branch below writes to or reads from the database.
 check_user();
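// AJAX endpoint. Each branch answers with a bare status code (1, 0 or -1)
// that the calling page interprets.
//
// Security notes:
//  - Every request parameter is untrusted. Values are escaped with
//    mysql_real_escape_string() before they are placed inside a quoted SQL
//    literal, and the session user id is cast to int because it is emitted
//    unquoted. Escaping is only reliable when the connection character set was
//    declared with mysql_set_charset(); confirm that in the loader. Bound
//    parameters would be the durable fix but need support from the $database
//    wrapper, which is not visible in this file.
//  - NOTE(review): pquery_edit, pquery_delete and pquery_undo change data in
//    response to GET requests and no anti-CSRF token is checked in this file.
//    Consider requiring POST plus a per-session token.
if (!function_exists('ajax_request_string')) {
	/**
	 * Fetch a request parameter as a string.
	 *
	 * @param array  $source Request array ($_GET or $_POST).
	 * @param string $key    Parameter name.
	 * @return string The value, or '' when it is missing or not a string
	 *                (for example an array sent as key[]=x).
	 */
	function ajax_request_string($source, $key)
	{
		return (isset($source[$key]) && is_string($source[$key])) ? $source[$key] : '';
	}
}

$req_get_action  = ajax_request_string($_GET, 'action');
$req_post_action = ajax_request_string($_POST, 'action');
$req_value       = ajax_request_string($_GET, 'value');
$req_product     = ajax_request_string($_GET, 'product');
$req_item        = ajax_request_string($_GET, 'item');

// Emitted unquoted in the UPDATE statements below, so force an integer.
$session_user_id = isset($_SESSION['userid']) ? (int) $_SESSION['userid'] : 0;

if ($req_get_action === 'product_edit') {
	// Batch number check: 0 = already exists, -1 = bad format, 1 = usable.
	$value_sql = mysql_real_escape_string($req_value);
	$check_query = "SELECT pid FROM produce where product_id='" . $value_sql . "'";
	$check_result = mysql_query($check_query);
	if ($check_result && mysql_num_rows($check_result))
		echo 0;
	elseif (!is_product($req_value))
		echo -1;
	else
		echo 1;
} elseif ($req_get_action === 'pquery_edit') {
	// Map the form field name to a column. The column name only ever comes
	// from this fixed list, never from the request.
	$query_item = '';
	$is_acceptable = true;
	switch ($req_item) {
		case 'fdate':
			$query_item = 'pcreate_time';
			$is_acceptable = is_date($req_value);
			break;
		case 'frog':
			$query_item = 'prog';
			$is_acceptable = is_rog($req_value);
			break;
		case 'fclient':
			// NOTE(review): as written this accepts only an empty value, which
			// looks inverted. Kept as in the original; confirm the intent.
			$query_item = 'pclient';
			$is_acceptable = !$req_value;
			break;
		case 'fspec':
			$query_item = 'pspec';
			break;
		case 'fproduct':
			$query_item = 'product_id';
			$is_acceptable = is_product($req_value);
			break;
		case 'fweight':
			// NOTE(review): accepts an empty value or one for which is_number()
			// is false. Whether that is inverted depends on is_number(), which
			// is defined elsewhere; kept as in the original.
			$query_item = 'pweight';
			$is_acceptable = (!$req_value) || (!is_number($req_value, 0));
			break;
		case 'fdefect':
			// NOTE(review): same condition shape as fweight; confirm.
			$query_item = 'pdefect';
			$is_acceptable = (!$req_value) || (!is_number($req_value, 1));
			break;
		case 'fjudge':
			$query_item = 'pjudge';
			break;
		case 'fremarks':
			$query_item = 'premarks';
			break;
		case 'fmould':
			$query_item = 'pmould';
			$is_acceptable = is_mould($req_value);
			break;
		case 'fsurface':
			$query_item = 'psurface';
			break;
		default:
			// Stop here: without a known column there is nothing valid to
			// update, and continuing would build a statement with an empty
			// column name.
			echo "Server encounter a fatal error !";
			exit;
	}
	if (!$is_acceptable) {
		echo 0;
		exit;
	}

	$value_sql = mysql_real_escape_string($req_value);
	$product_sql = mysql_real_escape_string($req_product);
	if ($query_item === 'product_id') {
		// Machine, class and group are taken from fixed positions of the new
		// batch number, so they are rewritten together with it.
		$machine_sql = mysql_real_escape_string((string) substr($req_value, 6, 2));
		$class_sql = mysql_real_escape_string((string) substr($req_value, 8, 1));
		$group_sql = mysql_real_escape_string((string) substr($req_value, 9, 1));
		$query = "UPDATE `gdcopper_al`.`produce` SET `product_id` = '" . $value_sql . "', `pmachine` = '" . $machine_sql . "', `pclass` = '" . $class_sql . "', `pgroup` = '" . $group_sql . "',uuserid=" . $session_user_id . " WHERE `produce`.`product_id` ='" . $product_sql . "' LIMIT 1";
	} else {
		$query = "UPDATE `gdcopper_al`.`produce` SET `" . $query_item . "` = '" . $value_sql . "',uuserid=" . $session_user_id . " WHERE `produce`.`product_id` ='" . $product_sql . "' LIMIT 1";
	}
	if ($database->write_table($query)) {
		echo 1;
	} else {
		echo 0;
	}
} elseif ($req_get_action === 'pquery_delete') {
	// Soft delete: copy the row into produce_undo, stamp the acting user on
	// the copy, then remove the original.
	$product_sql = mysql_real_escape_string($req_product);
	$query = "INSERT INTO `gdcopper_al`.`produce_undo` (`pcreate_time`,`pclient`,`pspec`,`prog`,`pmachine`,`pclass`,`pgroup`,`product_id`,`pmould`,`pweight`,`pdefect`,`psurface`,`pjudge`,`premarks`,`cuserid`) SELECT `pcreate_time`,`pclient`,`pspec`,`prog`,`pmachine`,`pclass`,`pgroup`,`product_id`,`pmould`,`pweight`,`pdefect`,`psurface`,`pjudge`,`premarks`,`cuserid` FROM `gdcopper_al`.`produce` WHERE `product_id`='" . $product_sql . "' LIMIT 1";
	$update_user = "UPDATE `gdcopper_al`.`produce_undo` SET uuserid=" . $session_user_id . " WHERE product_id='" . $product_sql . "' LIMIT 1";
	$delete_data = "DELETE FROM `gdcopper_al`.`produce` WHERE `product_id`='" . $product_sql . "' LIMIT 1";
	// Only delete the original once the copy was written, otherwise a failed
	// copy would lose the row. write_table() is treated as truthy on success,
	// as the pquery_edit branch already does. The three statements are still
	// not atomic; a transaction in the wrapper would close that gap.
	if ($database->write_table($query)) {
		$database->write_table($update_user);
		$database->write_table($delete_data);
		echo 1;
	} else {
		echo 0;
	}
} elseif ($req_get_action === 'pquery_undo') {
	// Reverse of pquery_delete: copy the row back from produce_undo, stamp the
	// acting user, then drop the undo copy.
	$product_sql = mysql_real_escape_string($req_product);
	$query = "INSERT INTO `gdcopper_al`.`produce` (`pcreate_time`,`pclient`,`pspec`,`prog`,`pmachine`,`pclass`,`pgroup`,`product_id`,`pmould`,`pweight`,`pdefect`,`psurface`,`pjudge`,`premarks`,`cuserid`) SELECT `pcreate_time`,`pclient`,`pspec`,`prog`,`pmachine`,`pclass`,`pgroup`,`product_id`,`pmould`,`pweight`,`pdefect`,`psurface`,`pjudge`,`premarks`,`cuserid` FROM `gdcopper_al`.`produce_undo` WHERE `product_id`='" . $product_sql . "' LIMIT 1";
	$update_user = "UPDATE `produce` SET `uuserid`= " . $session_user_id . " WHERE `product_id`='" . $product_sql . "' LIMIT 1";
	$delete_data = "DELETE FROM `gdcopper_al`.`produce_undo` WHERE `product_id`='" . $product_sql . "' LIMIT 1";
	// Keep the undo copy unless the restore succeeded.
	if ($database->write_table($query)) {
		$database->write_table($update_user);
		$database->write_table($delete_data);
		echo 1;
	} else {
		echo 0;
	}
} elseif ($req_post_action === 'output') {
	// Poll for an export flag kept in the session: 1 = ready (the flag is
	// cleared once reported), 0 = set but not 1, -1 = no flag present.
	if (isset($_SESSION['output'])) {
		if ($_SESSION['output'] == 1) {
			echo 1;
			unset($_SESSION['output']);
		} else {
			echo 0;
		}
	} else {
		echo -1;
	}
} elseif ($req_get_action === 'pack_edit') {
	// Existence check for a batch number: 1 = found, 0 = not found,
	// -1 = no value supplied.
	if (isset($_GET['value'])) {
		$value_sql = mysql_real_escape_string($req_value);
		$query = "SELECT pid FROM produce WHERE product_id='" . $value_sql . "' LIMIT 1";
		$lookup_result = mysql_query($query);
		if ($lookup_result && mysql_num_rows($lookup_result)) {
			echo 1;
		} else {
			echo 0;
		}
	} else {
		echo -1;
	}
}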
 ?>